KR101587455B1 - Method and Server Apparatus for Data Differential Distribution on File Transfer Protocol - Google Patents
Method and Server Apparatus for Data Differential Distribution on File Transfer Protocol Download PDFInfo
- Publication number
- KR101587455B1 KR101587455B1 KR1020140172535A KR20140172535A KR101587455B1 KR 101587455 B1 KR101587455 B1 KR 101587455B1 KR 1020140172535 A KR1020140172535 A KR 1020140172535A KR 20140172535 A KR20140172535 A KR 20140172535A KR 101587455 B1 KR101587455 B1 KR 101587455B1
- Authority
- KR
- South Korea
- Prior art keywords
- data
- user account
- user
- transfer protocol
- file transfer
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to a data difference method and a server apparatus in a file transfer protocol. A data difference method and a server apparatus in a disclosed file transfer protocol differentially provide data according to an access right through a user account verification in a file transfer protocol, the method comprising the steps of: The method comprising the steps of: verifying a user account provided through the user terminal; authenticating a data access right previously granted to the user account when the user account is suitable; And generating data corresponding to the access right of the user account and providing the generated data to the user terminal. The data difference method in the file transfer protocol and the server apparatus therefor, to provide. According to the present invention, it is possible to more flexibly structure and provide a data space that can be accessed for each user account accessed through a file transfer protocol. Further, various conditions are assigned to various user accounts, And can be realized within the file transfer protocol, thereby enhancing the security of the data and improving the transmission speed.
Description
The present invention relates to a data difference method and a server apparatus in a file transfer protocol, and more particularly, to a data difference method and a server apparatus in which data security and transmission speed are improved through identification of an access right of a user account in a file transfer protocol environment will be.
The contents described in this section merely provide background information on the embodiment of the present invention and do not constitute the prior art.
WWW (World Wide Web) accessed through the HTTP protocol is advantageous in that it can easily use general characters, photos, music, and video contents. However, it is crucial to send a large amount of files in a batch, Control is cumbersome. It is much more advantageous to use the file transfer protocol (FTP, File Transfer Protocol), which is a dedicated file transfer service, when sending and receiving large amounts of files over the network.
Since the file transfer protocol is a service (or protocol) designed only for sending and receiving files over the Internet, the operation method is very simple and intuitive. As such, it is easy to use. First of all, the biggest advantage of file transfer protocol is that files can be sent and received at a faster speed than WWW method
The file transfer protocol controls the access by setting the user's access privilege to the pre-created data folder. However, when data folders and users are large, it is difficult to grant various rights to each user under this scheme.
Accordingly, the present invention proposes a data difference method and a server apparatus in a file transfer protocol that can satisfy the requirements to overcome the above-mentioned technical constraints.
SUMMARY OF THE INVENTION The present invention has been made in view of the above circumstances, and an object of the present invention is to provide a data difference method and server for accessing a differentiated data folder by obtaining various rights for various user accounts to be accessed, Device.
Another object of the present invention is to propose a data difference method and a server apparatus in a file transfer protocol that can enhance data security and improve overall data transmission speed by changing access rights for each user account.
The problems to be solved by the present invention are not limited to those mentioned above, and another problem to be solved can be clearly understood by those skilled in the art from the following description.
According to an aspect of the present invention, there is provided a data difference method for differentiating data according to an access right through user account verification in a file transfer protocol, the method comprising: The method comprising the steps of: verifying a user account provided through the user terminal; authenticating a data access right previously granted to the user account when the user account is verified; Generating an independent session between the user terminal and the server, and generating data corresponding to the access right of the user account and providing the generated data to the user terminal.
A data server apparatus for differentiating data according to an access right through a user account verification in a file transfer protocol, the data server apparatus comprising: a user account verifier for verifying a user account of a user terminal accessing through a file transfer protocol; And an agent for structuring and providing the data to which the access right is granted for the authenticated user account, in the file transfer protocol. .
As another means for solving the problem of the present invention, there is provided a computer readable recording medium on which a program for executing a data difference method in a file transfer protocol is recorded
According to the data difference method and the server apparatus in the file transfer protocol of the present invention, a data space that can be accessed for each user account can be more flexibly structured and provided.
In addition, it is possible to differentially provide data with a lot of authority by giving various conditions to various users, and it is possible to realize within the file transfer protocol, thereby enhancing security of data and improving transfer speed simultaneously .
The effects obtained in the present invention are not limited to the effects mentioned above, and other effects not mentioned can be clearly understood by those skilled in the art from the following description .
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of the specification, illustrate embodiments of the invention and, together with the description, serve to explain the technical features of the invention.
1 is a schematic block diagram of a shared folder access method in a file transfer protocol according to the prior art.
2 is a diagram illustrating a conventional configuration of a data access method in a file transfer protocol according to an embodiment of the present invention.
3 is a diagram illustrating a configuration of a file transfer protocol server according to an embodiment of the present invention.
FIG. 4 is a diagram illustrating a concept of data difference according to an exemplary embodiment of the present invention. Referring to FIG.
FIG. 5A is a diagram illustrating a screen connected to a server before agent activation according to an embodiment of the present invention. FIG.
5B is a diagram illustrating a screen connected to a server after agent activation according to an embodiment of the present invention.
FIG. 6 is a diagram illustrating different file access rights according to an embodiment of the present invention.
7 is a diagram illustrating a data difference method in a file transfer protocol according to an embodiment of the present invention.
Hereinafter, preferred embodiments according to the present invention will be described in detail with reference to the accompanying drawings. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS The following detailed description, together with the accompanying drawings, is intended to illustrate exemplary embodiments of the invention and is not intended to represent the only embodiments in which the invention may be practiced. The following detailed description includes specific details in order to provide a thorough understanding of the present invention. However, those skilled in the art will appreciate that the present invention may be practiced without these specific details.
In some instances, well-known structures and devices may be omitted or may be shown in block diagram form, centering on the core functionality of each structure and device, to avoid obscuring the concepts of the present invention.
Throughout the specification, when an element is referred to as "comprising" or " including ", it is meant that the element does not exclude other elements, do. Also, the terms " part, "" module," and " module ", etc. in the specification mean a unit for processing at least one function or operation and may be implemented by hardware or software or a combination of hardware and software have. Also, the terms " a or ", "one "," the ", and the like are synonyms in the context of describing the invention (particularly in the context of the following claims) May be used in a sense including both singular and plural, unless the context clearly dictates otherwise.
In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. The following terms are defined in consideration of the functions in the embodiments of the present invention, which may vary depending on the intention of the user, the intention or the custom of the operator. Therefore, the definition should be based on the contents throughout this specification.
Hereinafter, embodiments of the present invention will be described with reference to the accompanying drawings.
1 is a schematic block diagram of a shared folder access method in a file transfer protocol according to the prior art.
In the general file transfer protocol, access to the shared
The
A user accessing through the
The shared folder 120 is a folder existing and fixedly created in the file
When the
For example, in an organization such as a company, it is necessary to assign the file access authority of the
According to the present invention, a flexible
2 is a diagram illustrating a conventional configuration of a data access method in a file transfer protocol according to an embodiment of the present invention.
In the method of accessing a shared folder in the file transfer protocol according to the embodiment of the present invention, as in the prior art, the access authority is not set in advance in the shared
The concept and configuration of the
3 is a diagram illustrating a configuration of a file transfer protocol server apparatus according to an embodiment of the present invention.
The
The user
In the case of a valid user account, the
The
The data differential distribution in the present invention refers to a data differential distribution in which a
The
FIG. 4 is a diagram illustrating a concept of data difference according to an exemplary embodiment of the present invention. Referring to FIG.
As shown in FIG. 4, the data difference is generated by creating a
The
FIG. 5A is a diagram illustrating a screen connected to a server before agent activation according to an embodiment of the present invention. FIG.
The d1001000 folder already existing in the
5B is a diagram illustrating a screen connected to a server after agent activation according to an embodiment of the present invention.
The [100] folder and its subfolders ([200], [300], etc.) are displayed in the
FIG. 6 is a diagram illustrating different file access rights according to an embodiment of the present invention.
FIG. 6 illustrates a file structure shown in a user account of a
User 1 can access all folders. User 2 can access other folders except 203, 301, 307, 308, 309, 310, 312, and 314 folders.
The user 3 can access folders other than the
A folder whose access is restricted is not visible in the
Hereinafter, a data difference method for differentiating data according to a user account access right through account identification of a user in the file transfer protocol of the present invention will be described with reference to FIG.
7 is a diagram illustrating a data difference method in a file transfer protocol according to an embodiment of the present invention.
When the
If the user account verification fails, the file transfer protocol service step can not proceed until the verification is passed.
If the user account satisfies the predetermined format specified in the
Apart from step S704, it is preferable that the data provided to the
In step S705, a session independent of the
Two connections are created between the
In the present invention, a data difference distribution is referred to as a data differential distribution in the present invention. In the present invention, the
The data difference process S706 will be described in more detail. The
Implementations of the various techniques described herein may be implemented in digital electronic circuitry, or in computer hardware, firmware, software, or combinations thereof. Implementations may be implemented in a computer program product, such as an information carrier, e.g., a machine readable storage device, such as a computer readable storage medium, for example, for processing by a data processing apparatus, Apparatus (computer readable medium) or as a computer program tangibly embodied in a propagation signal.
A computer program, such as the
The method steps may be performed by one or more programmable processors executing a computer program to perform functions by operating on input data and generating an output. The method steps may also be performed by special purpose logic circuitry, e.g., a field programmable gate array (FPGA) or an application-specific integrated circuit (ASIC), and the devices may be implemented as such.
Processors suitable for processing a computer program include, by way of example, both general purpose and special purpose microprocessors, and any one or more processors of any kind of digital computer. Generally, a processor will receive instructions and data from a read-only memory or a random access memory or both. The elements of a computer may include at least one processor for executing instructions and one or more memory devices for storing instructions and data. Generally, a computer may include one or more mass storage devices for storing data, such as magnetic, magneto-optical disks, or optical disks, or may receive data from them, transmit data to them, . ≪ / RTI > Information carriers suitable for embodying computer program instructions and data include, for example, semiconductor memory devices, for example, magnetic media such as hard disks, floppy disks and magnetic tape, compact disk read only memory A magneto-optical medium such as a floppy disk, an optical disk such as a DVD (Digital Video Disk), a ROM (Read Only Memory), a RAM , Random Access Memory), a flash memory, an EPROM (Erasable Programmable ROM), an EEPROM (Electrically Erasable Programmable ROM), and the like. The processor and memory may be supplemented or included by special purpose logic circuitry.
While the specification contains a number of specific implementation details, it should be understood that they are not to be construed as limitations on the scope of any invention or claim, but rather on the description of features that may be specific to a particular embodiment of a particular invention Should be understood. Certain features described herein in the context of separate embodiments may be implemented in combination in a single embodiment. Conversely, various features described in the context of a single embodiment may also be implemented in multiple embodiments, either individually or in any suitable subcombination. Further, although the features may operate in a particular combination and may be initially described as so claimed, one or more features from the claimed combination may in some cases be excluded from the combination, Or a variant of a subcombination.
The separation of the various system components of the above-described embodiments should not be understood as requiring such separation in all embodiments, and the program components and systems described can generally be integrated together into a single software product or packaged into multiple software products Points should be understood.
It should be noted that the embodiments of the present invention disclosed in the present specification and drawings are only illustrative of specific examples for the purpose of understanding and are not intended to limit the scope of the present invention. It will be apparent to those skilled in the art that other modifications based on the technical idea of the present invention are possible in addition to the embodiments disclosed herein.
According to the data difference method and the server apparatus in the file transfer protocol of the present invention, a data space that can be accessed for each user account can be structured more flexibly to differentially provide data with a lot of authority, It is possible to increase the security of the data and to improve the transmission speed. Therefore, it is not only the use of the related technology but also the possibility of selling or operating the applicable device, This is an invention that is industrially applicable because it can be practically done.
100: user terminal 200: server
201: shared folder 202: virtual data space
210: User Account Verification Unit 220:
230: agent 240: data validation unit
Claims (9)
Connecting a user terminal to a server through a file transfer protocol;
Verifying a user account accessed through the user terminal;
Authenticating the data access right previously granted to the user account when the user account is verified;
Generating an independent session between the user terminal and the server when the data access right is authenticated; And
Generating data corresponding to the access right of the user account and providing the generated data to the user terminal;
, ≪ / RTI &
Wherein the step of generating data corresponding to the access right of the user account and providing the generated data to the user terminal comprises:
Creating a virtual data space, and creating or activating a file folder having only data corresponding to the access right of the user account, and providing the file folder to the user terminal.
Further comprising verifying the formal validity of data provided to the user terminal.
Wherein the verifying the user account provided through the user terminal comprises:
And verifying and verifying one or more pieces of information of a user's ID, name, phone number, and location provided through the user terminal.
A user account verifier for verifying a user account of a user terminal through a file transfer protocol;
A rights authentication unit for authenticating a data access right previously granted for each user account; And
An agent for structuring and providing data to which the access right is granted for the authenticated user account;
, ≪ / RTI &
The agent,
And creates a virtual data space, and creates a file folder having only the data to which the access right of the user account is granted, and provides the file folder to the user terminal when the user account and the access right are verified. Data server device.
The user-
And verifying and verifying one or more pieces of information of a user's ID, name, phone number, and location provided through the user terminal.
Further comprising a data validity verifying unit for verifying formal validity of data provided to the user terminal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020140172535A KR101587455B1 (en) | 2014-12-03 | 2014-12-03 | Method and Server Apparatus for Data Differential Distribution on File Transfer Protocol |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020140172535A KR101587455B1 (en) | 2014-12-03 | 2014-12-03 | Method and Server Apparatus for Data Differential Distribution on File Transfer Protocol |
Publications (1)
Publication Number | Publication Date |
---|---|
KR101587455B1 true KR101587455B1 (en) | 2016-02-02 |
Family
ID=55354616
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020140172535A KR101587455B1 (en) | 2014-12-03 | 2014-12-03 | Method and Server Apparatus for Data Differential Distribution on File Transfer Protocol |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101587455B1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102269885B1 (en) * | 2020-11-23 | 2021-06-28 | 주식회사 넷앤드 | An access control system of making up customized server work environment for each user |
-
2014
- 2014-12-03 KR KR1020140172535A patent/KR101587455B1/en not_active IP Right Cessation
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102269885B1 (en) * | 2020-11-23 | 2021-06-28 | 주식회사 넷앤드 | An access control system of making up customized server work environment for each user |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11489801B2 (en) | Systems and methods for controlling email access | |
US10666591B2 (en) | Systems and methods for controlling email access | |
CN106105138B (en) | Authenticating virtual machine images using digital certificates | |
US10587415B2 (en) | Systems and methods for controlling email access | |
US11509537B2 (en) | Internet of things device discovery and deployment | |
CN106856475B (en) | Authorization server and authentication collaboration system | |
US9325713B2 (en) | Systems and methods for controlling email access | |
US9407615B2 (en) | Single set of credentials for accessing multiple computing resource services | |
CN106685978B (en) | Method and device for controlling access authority among multiple devices and mobile terminal | |
EP3069464B1 (en) | Identity pool bridging for managed directory services | |
US11902268B2 (en) | Secure gateway onboarding via mobile devices for internet of things device management | |
US10505983B2 (en) | Enforcing enterprise requirements for devices registered with a registration service | |
CN105379223A (en) | Validating the identity of a mobile application for mobile application management | |
JP2016532984A (en) | Network connection automation | |
KR101928015B1 (en) | Re-programmable secure cryptographic device | |
CN105100009A (en) | Login control system, method and device | |
CN104065674A (en) | Terminal device and information processing method | |
KR101587455B1 (en) | Method and Server Apparatus for Data Differential Distribution on File Transfer Protocol | |
US11503074B2 (en) | Device enrollment in a management service | |
US11737155B2 (en) | Communication with a data storage device using an emulated Wi-Fi captive portal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant | ||
LAPS | Lapse due to unpaid annual fee |